From 6a84d0a575348d94cb94b213eff0b96ffde819c3 Mon Sep 17 00:00:00 2001
From: Dan Carpenter
Date: Tue, 15 Aug 2017 13:29:49 +0300
Subject: [PATCH] math: fix handling of "(char *)&foo->bar - (char *)&foo->baz".

I only tested this on "(char *)&foo->bar - (void *)foo" so the other case didn't work.

Signed-off-by: Dan Carpenter
---
 smatch_math.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/smatch_math.c b/smatch_math.c
index 76e038c2..54680671 100644
--- a/smatch_math.c
+++ b/smatch_math.c
@@ -202,8 +202,12 @@ static int handle_offset_subtraction(struct expression *expr)
 left_offset = get_member_offset_from_deref(left);
 if (right->type == EXPR_SYMBOL)
 right_offset = 0;
- else
+ else {
+ if (right->type != EXPR_PREOP || right->op != '&')
+ return -1;
+ right = strip_expr(right->unop);
 right_offset = get_member_offset_from_deref(right);
+ }

 if (left_offset < 0 || right_offset < 0)
 return -1;
--
2.11.4.GIT
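Review bot: With the new `else {` branch, `right_offset` can be non-zero, so if the function goes on to return `left_offset - right_offset` (the return statement is outside the hunk), a legitimate result can now be negative. A difference of exactly -1 would then be indistinguishable from the failure value that `return -1;` also uses. It is worth confirming how callers treat negative results, or reporting failure separately from the computed value, since a misread offset leads to wrong ranges in later checks. The new early return would also benefit from a short comment such as `/* right side must be &foo->member; other forms are not handled */`. As a style point, once the `else` has braces the `if` branch usually gets them too: `if (right->type == EXPR_SYMBOL) {`.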